From 8c26d6fda72bc26ad690758f45b39b73b1594429 Mon Sep 17 00:00:00 2001
From: dnomd343
Date: Mon, 1 Aug 2022 11:19:59 +0800
Subject: [PATCH] feat: use self-signed certificate
---
 Dockerfile | 12 ++++++++++++
 Tester/Plugin.py | 14 ++++++++------
 Tester/Settings.py | 6 +++---
 Tester/__init__.py | 38 ++++++++++++++++++++++++++++++++++++--
 test.py | 18 ++++++++++--------
 5 files changed, 69 insertions(+), 19 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 447c874..3b969d2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -437,6 +437,17 @@ RUN \
 COPY --from=upx /upx/ /usr/
 RUN upx -9 /tmp/dnsproxy
+# Compile mad
+FROM golang:1.16-alpine3.15 AS mad
+ENV MAD_VERSION="v20210401"
+RUN \
+ wget https://github.com/txthinking/mad/archive/refs/tags/${MAD_VERSION}.tar.gz && \
+ tar xf ${MAD_VERSION}.tar.gz && cd ./mad-*/cli/mad/ && \
+ CGO_ENABLED=0 go build -ldflags="-s -w" && \
+ mv ./mad /tmp/
+COPY --from=upx /upx/ /usr/
+RUN upx -9 /tmp/mad
+
 # Combine all release
 FROM python:3.10-alpine3.16 AS asset
 COPY --from=python-pkg /packages.tar.gz /
@@ -460,6 +471,7 @@ COPY --from=relaybaton /tmp/relaybaton /asset/usr/bin/
 COPY --from=pingtunnel /tmp/pingtunnel /asset/usr/bin/
 COPY --from=wireproxy /tmp/wireproxy /asset/usr/bin/
 COPY --from=dnsproxy /tmp/dnsproxy /asset/usr/bin/
+COPY --from=mad /tmp/mad /asset/usr/bin/
 # Release docker image
 FROM python:3.10-alpine3.16
diff --git a/Tester/Plugin.py b/Tester/Plugin.py
index 7f2fa80..bc62e94 100644
--- a/Tester/Plugin.py
+++ b/Tester/Plugin.py
@@ -12,10 +12,7 @@ from Basis.Functions import genFlag, hostFormat, getAvailablePort
 pluginParams = {
- 'SITE': Settings['site'],
- 'HOST': Settings['host'],
- 'CERT': Settings['cert'],
- 'KEY': Settings['key'],
+ 'SITE': Settings['site']
 }
 pluginConfig = {
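Review bot: The `mad` build stage in the Dockerfile fetches `${MAD_VERSION}.tar.gz` with `wget` and compiles it without checking its contents, and the resulting binary is the tool that later generates the CA and leaf keys. A tag archive changes if the tag is moved upstream, so the expected digest should be pinned and verified before `tar xf`, for example `echo "<SHA256_OF_TARBALL>  ${MAD_VERSION}.tar.gz" | sha256sum -c - && \` (placeholder digest, to be filled in from a trusted download). A short comment above the `RUN` stating what `mad` is used for would also help the next reader of this stage.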
@@ -321,8 +318,13 @@ def load(proxyType: str):
 raise RuntimeError('Unknown proxy type for sip003 plugin')
 cloakLoad() # init cloak config
 kcptunLoad() # init kcptun config
- pluginParams['PASSWD'] = genFlag(length = 8) # random password for test
- pluginParams['PATH'] = '/' + genFlag(length = 6) # random uri path for test
+ pluginParams.update({
+ 'HOST': Settings['host'],
+ 'CERT': Settings['cert'],
+ 'KEY': Settings['key'],
+ 'PASSWD': genFlag(length = 8), # random password for test
+ 'PATH': '/' + genFlag(length = 6), # random uri path for test
+ })
 for pluginType in pluginConfig:
 for pluginTest, pluginTestInfo in pluginConfig[pluginType].items(): # traverse all plugin test item
 pluginParams['RANDOM'] = genFlag(length = 8) # refresh RANDOM field
diff --git a/Tester/Settings.py b/Tester/Settings.py
index 72378d2..34515fc 100644
--- a/Tester/Settings.py
+++ b/Tester/Settings.py
@@ -6,7 +6,7 @@ Settings = {
 'serverBind': '127.0.0.1',
 'clientBind': '127.0.0.1',
 'site': 'www.bing.com',
- 'host': '343.re',
- 'cert': '/etc/ssl/certs/343.re/fullchain.pem',
- 'key': '/etc/ssl/certs/343.re/privkey.pem',
+ 'host': '',
+ 'cert': '',
+ 'key': '',
 }
diff --git a/Tester/__init__.py b/Tester/__init__.py
index cb00395..ef7c3d2 100644
--- a/Tester/__init__.py
+++ b/Tester/__init__.py
@@ -1,11 +1,13 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
+import os
 import time
 import requests
 from threading import Thread
 from Basis.Logger import logging
-from Basis.Functions import md5Sum, hostFormat, checkPortStatus
+from Tester.Settings import Settings
+from Basis.Functions import md5Sum, genFlag, hostFormat, checkPortStatus
 from Tester import Brook
 from Tester import VMess
@@ -16,7 +18,7 @@ from Tester import Hysteria
 from Tester import Shadowsocks
 from Tester import ShadowsocksR
-testEntry = {
+entry = {
 'ss': Shadowsocks.load(),
 'ss-all': Shadowsocks.load(isExtra = True),
 'ssr': ShadowsocksR.load(),
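Review bot: In Tester/Plugin.py, `load()` now copies `Settings['host']`, `Settings['cert']` and `Settings['key']` at call time, but nothing rejects the empty defaults that Tester/Settings.py now ships. Tester/__init__.py still builds `entry` by calling the `*.load()` functions at import, which is before test.py calls `loadCert`; whether any of them reaches this `load()` eagerly is not visible here, but if one does, the plugin configs are rendered with empty certificate paths. A guard ahead of the `pluginParams.update` call makes that ordering error explicit: `if not Settings['cert'] or not Settings['key']:` followed by `raise RuntimeError('certificate not loaded, call loadCert() first')`. The body of `load()` starts and ends outside this hunk.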
@@ -108,3 +110,35 @@ def test(testIter: iter, threadNum: int, testUrl: str, testFilter: set or None =
 break
 for thread in threads: # wait until all threads exit
 thread.join()
+
+
+def loadCert(host: str = 'proxyc.net', remark: str = 'ProxyC'):
+ loadPath = lambda x: os.path.join(Settings['workDir'], x)
+ certFlag = genFlag(length = 8)
+ caCert = loadPath('proxyc_%s_ca.pem' % certFlag)
+ caKey = loadPath('proxyc_%s_ca_key.pem' % certFlag)
+ cert = loadPath('proxyc_%s_cert.pem' % certFlag)
+ key = loadPath('proxyc_%s_cert_key.pem' % certFlag)
+ logging.critical('Create self-signed certificate')
+ os.system('mkdir -p %s' % Settings['workDir']) # create work directory
+ logging.critical('Create CA certificate and key')
+ os.system(' '.join(['mad', 'ca'] + [
+ '--ca', caCert, '--key', caKey,
+ '--commonName', remark,
+ '--organization', remark,
+ '--organizationUnit', remark,
+ ]))
+ logging.critical('Signing certificate')
+ os.system(' '.join(['mad', 'cert'] + [
+ '--ca', caCert, '--ca_key', caKey,
+ '--cert', cert, '--key', key,
+ '--domain', host,
+ '--organization', remark,
+ '--organizationUnit', remark,
+ ]))
+ logging.critical('Install CA certificate')
+ os.system('cat %s >> /etc/ssl/certs/ca-certificates.crt' % caCert)
+ Settings['host'] = host
+ Settings['cert'] = cert
+ Settings['key'] = key
+ logging.warning('Certificate loading complete')
diff --git a/test.py b/test.py
index 91ab020..26683ba 100755
--- a/test.py
+++ b/test.py
@@ -1,9 +1,9 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
+import os
 import sys
 import Tester
-from Tester import testEntry
 from Basis.Logger import logging
 threadNum = 16
@@ -31,6 +31,7 @@ def getArg(field: str) -> str or None:
 except:
 return None
+
 if '--help' in sys.argv:
 print(helpMsg)
 sys.exit(0)
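Review bot: `loadCert` in Tester/__init__.py joins each command into one string for `os.system`, so `host`, `remark` and `Settings['workDir']` are parsed by the shell, and the exit status of both `mad` calls is discarded. A missing binary or a failed signing step therefore still ends with `Settings['cert']` and `Settings['key']` pointing at files that were never written. Passing argument lists to `subprocess.run(..., check = True)` (this needs `import subprocess` next to the new `import os`) removes the shell parsing and stops the run on failure. The function also appends a fresh CA to `/etc/ssl/certs/ca-certificates.crt` on every call and leaves that CA's private key in the work directory, so each run adds another system-trusted root whose key stays on disk. Removing `caKey` once the leaf is signed, assuming nothing else signs with it, limits that exposure, and a docstring should state that the function modifies the system trust store.

```python
def loadCert(host: str = 'proxyc.net', remark: str = 'ProxyC'):
    # … unchanged: loadPath, certFlag, the four file paths and the first log line …
    os.makedirs(Settings['workDir'], exist_ok = True)  # create work directory
    logging.critical('Create CA certificate and key')
    subprocess.run([
        'mad', 'ca', '--ca', caCert, '--key', caKey,
        '--commonName', remark,
        '--organization', remark,
        '--organizationUnit', remark,
    ], check = True)  # raise instead of continuing without a CA
    logging.critical('Signing certificate')
    subprocess.run([
        'mad', 'cert', '--ca', caCert, '--ca_key', caKey,
        '--cert', cert, '--key', key,
        '--domain', host,
        '--organization', remark,
        '--organizationUnit', remark,
    ], check = True)
    os.remove(caKey)  # CA key is not needed once the leaf certificate is signed
    logging.critical('Install CA certificate')
    with open(caCert) as caFile, open('/etc/ssl/certs/ca-certificates.crt', 'a') as bundle:
        bundle.write(caFile.read())  # same append as before, without a shell
    # … unchanged: Settings['host'] / ['cert'] / ['key'] assignment and final log …
```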
@@ -43,17 +44,18 @@ if getArg('--thread') is not None:
 if getArg('--filter') is not None:
 testFilter = set(getArg('--filter').split(','))
-logging.critical('test item: ' + ('all' if testItem is None else testItem))
-logging.critical('filter: %s' % testFilter)
-logging.critical('url: ' + testUrl)
-logging.critical('thread number: %i' % threadNum)
+Tester.loadCert('proxyc.net', 'ProxyC')
+logging.critical('TEST ITEM: ' + ('all' if testItem is None else testItem))
+logging.critical('FILTER: %s' % testFilter)
+logging.critical('URL: ' + testUrl)
+logging.critical('THREAD NUMBER: %i' % threadNum)
 logging.critical('TEST START')
 if testItem is not None:
- Tester.test(testEntry[testItem], threadNum, testUrl, testFilter)
+ Tester.test(Tester.entry[testItem], threadNum, testUrl, testFilter)
 else:
- for item in testEntry:
+ for item in Tester.entry:
 if item == ('ss' if '--all' in sys.argv else 'ss-all'): # skip ss / ss-all
 continue
 logging.critical('TEST ITEM -> ' + item)
- Tester.test(testEntry[item], threadNum, testUrl, testFilter)
+ Tester.test(Tester.entry[item], threadNum, testUrl, testFilter)
 logging.critical('TEST COMPLETE')